From 6426496b0133275935b6822205bf9dfa82f890f4 Mon Sep 17 00:00:00 2001
From: loop0day <loop0day@gmail.com>
Date: Wed, 1 May 2019 00:53:31 +0800
Subject: [PATCH] Add keyUsage to signcsr.cnf

---
 apps/gmca/signcsr.cnf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/apps/gmca/signcsr.cnf b/apps/gmca/signcsr.cnf
index ff9e22dc..6f784d0d 100644
--- a/apps/gmca/signcsr.cnf
+++ b/apps/gmca/signcsr.cnf
@@ -186,6 +186,7 @@ basicConstraints=CA:FALSE
 
 # This is typical in keyUsage for a client certificate.
 # keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+keyUsage = digitalSignature
 
 # This will be displayed in Netscape's comment listbox.
 nsComment			= "OpenSSL Generated Certificate"